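# Image for a gunicorn-served application (module `pre`, object `app`) that
# lives in /yolov8 and runs as the unprivileged user `appuser`.
#
# NOTE(review): python:3.10-slim is a floating tag, so the Debian release and
# Python patch level can change between builds. Pin a release-specific tag and
# a digest (python:3.10-slim-<release>@sha256:<digest>) for reproducible builds.
FROM python:3.10-slim

WORKDIR /yolov8

# Create a non-root system user and group for the runtime process
RUN groupadd -r appuser && useradd -r -g appuser appuser

# Install system dependencies.
# --no-install-recommends keeps optional packages out of the image.
# libgl1 replaces libgl1-mesa-glx, a transitional package that newer Debian
# releases no longer ship; with a floating base tag the old name can fail to
# resolve at build time.
RUN apt-get update && apt-get install -y --no-install-recommends \
    libgl1 \
    libglib2.0-0 \
    libgomp1 \
    libsm6 \
    libxext6 \
    libxrender-dev \
    && rm -rf /var/lib/apt/lists/*

# Install Python dependencies (copied separately so this layer stays cached
# until requirements.txt changes). --no-cache-dir already disables the pip
# cache, so no extra cleanup of /root/.cache/pip is needed.
# NOTE(review): requirements.txt is not visible here; confirm every entry is
# version-pinned (ideally hash-checked via pip's --require-hashes).
COPY requirements.txt .
RUN pip install --no-cache-dir -r requirements.txt

# Copy the code and set ownership at copy time, which avoids a second layer
# holding a re-owned copy of every file.
# COPY . . takes the whole build context: keep a .dockerignore that excludes
# .git, .env files, credentials and local logs so they never reach the image.
# NOTE(review): the runtime user owns the application code and
# gunicorn.conf.py (which gunicorn executes as Python at startup), so a
# compromised worker can rewrite both. If the app only writes to /yolov8/log,
# leave the code root-owned and chown the log directory alone.
COPY --chown=appuser:appuser . .
RUN mkdir -p /yolov8/log && \
    chown appuser:appuser /yolov8 /yolov8/log && \
    chmod 644 /yolov8/gunicorn.conf.py

# Set environment variables (optional)
ENV PYTHONPATH=/yolov8

# Switch to the non-root user; everything below runs unprivileged
USER appuser

# EXPOSE is documentation only; the actual bind address is presumably set in
# gunicorn.conf.py - confirm it matches.
EXPOSE 5000
ENTRYPOINT ["gunicorn", "pre:app", "-c", "gunicorn.conf.py"]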
